What are the consequences of infrastructure drift?

  • Downtime

    If your production environment changes and operations is unaware of it, applications may crash and deployments can fail.

  • Data breaches

    Drift can leave critical data exposed if resources are accidentally set to public access. Resources cannot be governed if IT does not know about them.

  • Unnecessary costs

    Temporary infrastructure changes can be left unnoticed, costing you thousands of dollars per month in unnecessary provisioning fees.

Built-in drift detection in Terraform Cloud

Drift Detection for Terraform Cloud offers built-in continuous checks against infrastructure state to detect changes and provide alerts. This allows Terraform to provide a central pane of visibility into all your infrastructure by addressing continuous checks against the infrastructure to validate that it matches the last known Terraform state.

Detect drift immediately

Terraform Drift Detection preemptively detects when a resource has changed from what Terraform shows in the state file. Terraform Cloud displays the current state of drift and provides additional information such as the last time drift was checked, the resources detected as being in a state of drift, and a visualization of what attributes have changed.

TFC Drift

Create custom alert notifications

With Drift Detection for Terraform Cloud you can create customizable notifications to make sure the right people are alerted using your preferred method of communication, including email, Slack, or a webhook.

TFC Drift Notify

Remediate drift in Terraform

Operators can resolve drift issues directly from the Terraform Drift tab by accepting changes with a refresh-only plan or by making changes to the new infrastructure state.

TFC Remediation

Benefits of drift detection for Terraform Cloud

  • Agility and simplicity

    A central plane to manage and provide visibility into your infrastructure without creating custom tooling or manually running a plan or refresh for every workspace or state.

  • Reduce risk

    Customizable notifications and context to understand when changes occur and track down who made them to understand why and avoid application downtime.

  • Reduce cost

    Notifications to the appropriate people when changes occur so you can take action to avoid unnecessary costs